Trainline

Using Alert Logic’s managed threat defense solution in conjunction with our other security measures, helped us to demonstrate compliance with the PCI Data Security Standard and pass the audit.

Wyman Lewis, Director of Information Security

Want to learn about Alert Logic solutions?

Trainline   Download The Case Study

Keeping Clients Rolling and Secure
Achieving PCI Compliance on AWS 

Trainline is Europe’s leading independent retailer of train tickets. Now owned by KKR, it sells tickets worldwide on behalf of 48 train companies, helping customers make more than 100,000 smarter journeys every single day in and across 24 countries, generating £2.3 billion (US$3.0 billion) in annual revenues.

The Trainline website receives 30 million visits per month and the company is experiencing 100% year-on-year growth in app transaction volumes. Trainline sells a ticket every three seconds and manages an equally massive number of credit card transactions coming from all over Europe. Mieke Kooij, Trainline’s Security Director noted, “We’re trusted with a huge amount of personal data and it’s imperative that we put security first.”

The Challenge

True to its reputation of being one of the industry’s leading innovators, Trainline recently moved its portfolio of applications to Amazon Web Services (AWS), decommissioning its legacy bricks-and-mortar production data center in the process. The transition to AWS provided benefits with agility, efficiency, and economy but also necessitated a change in the company’s approach to security. “Executing in the cloud requires a totally different mindset: You can’t just deploy a traditional layered architecture and expect to be protected. Being virtual turns things on their head, you need new ways to gain visibility and ensure the right level of control,” explained Kooij. “We jumped at the opportunity to implement an entirely new security architecture,” she added.


The company’s solutions are specifically engineered for cloud deployments instead of taking older architectures and forcing them to work – this is exactly what we were looking for.

Mieke Kooij, Trainline’s Security Director

Why Alert Logic?

Jerry Wozniak, Application Security Lead for Trainline, recounted, “There are not a lot of cloud solution providers for either intrusion prevention systems (IPS) or intrusion detection systems (IDS). Functions such as file integrity monitoring, or even vulnerability scanning, are more challenging in a virtual environment. We looked for solutions that were designed from the ground-up to work in the cloud and that leverage advanced APIs to fully understand the infrastructure, rather than relying on the old approach of discovery via network scans.”

The Results

Trainline’s impressive year-after-year growth means that security measures have to scale accordingly to keep pace with the increasing volumes of data. With a back-end team that provides continual monitoring, Alert Logic delivers the required scalability and provides Trainline with the critical proof points required to maintain PCI DSS compliance. “With the managed, outsourced nature of the Alert Logic service, we don’t have to spend time or worry about hiring additional resources to maintain coverage,” asserted Wozniak.

Kooij added, “The Alert Logic team’s analysis of our logs has really helped us to understand what our applications are telling us, and what ‘normal’ and ‘good’ states look like, which is a view that we didn’t have before. It’s great working with a specialist and leader in this space who provide continuous monitoring and visibility.”

Wozniak added, “We have a very close relationship with our account manager and all of our questions and concerns are dealt with very professionally and quickly. I’m very happy with how the Alert Logic solutions work and the support we receive: The relationship has been going very well.”